The UNODC presentation at the second facilitation meeting for WSIS Action Line C5: “Building Confidence and Security in the use of ICTs” will make reference to the general mandate for UNODC, arising from the Bangkok Declaration on “Synergies and Responses: Strategic Alliances in Crime Prevention and Criminal Justice”, endorsed by General Assembly resolution 60/177 of 16 December 2005, “to enhance and supplement existing cooperation to prevent, investigate and prosecute high-technology and computer-related crime, including through the development of partnerships with the private sector”.

The presentation will further focus on the more specific mandate for UNODC to elaborate a study on fraud and the criminal misuse and falsification of identity, in accordance with Economic and Social Council resolution 2004/26 of 21 July 2004. In that resolution, the Council had requested the Secretary-General to convene an intergovernmental expert group for the purpose of preparing the study. The expert group was convened on an open-ended intergovernmental basis, and met twice, in March 2005 and January 2007. Between the two sessions, a questionnaire was prepared, circulated for discussion and sent to all Member States. 46 Member States responded, providing the majority of the data used in the study. A draft report, including conclusions and recommendations, was prepared and circulated to the experts, and then revised based on comments received. The results of the study were presented to the Commission on Crime Prevention and Criminal Justice at its 16th session, held on 23-27 April 2007 in Vienna.

The part of the study on identity-related crime, which is considered to include both “identity-theft” and “identity-fraud”, provides a series of recommendations in areas such as international cooperation; jurisdictional aspects; domestic powers to investigate, prosecute and punish related offences; cooperation between criminal justice systems and the private sector; identity-related crime in the context of development, reconstruction and economic transition; prevention; and training.
The UNODC officer will share those findings and recommendations with the participants, looking forward to a constructive dialogue and exchange of views.

Title of Presentation:
"Enhancing Cybersecurity Knowledge by an Educational Program Framework".

This presentation proposes an initiative developed by the University of Lausanne to promote cybersecurity education at regional and international levels.
A global educational program framework addressing cyberthreat issues is identified to meet the goals of WSIS action line C5, in order to contribute to the control of cyberthreats and to improving the quality of countermeasures at different levels. This comprehensive program takes into consideration the need for policy makers, regulators, IT engineers, executives and end users to understand cybersecurity issues and to develop effective countermeasures. The structure of this program, including examples of how it is put into practice, is presented.

Title of Presentation: "Integral Enabling System as the Mission of
a National Strategy".

Cyber security is considered to be one of the most important factors in
building a new kind of information and knowledge society and information and knowledge
economy worldwide: only a secure flow of data over ICT networks ensures the confidence
of the general public in technological novelties and promotes wider adoption
of ICTs into daily lives. Cyber threats have no state borders, but can have
a significant negative impact on the national economy and personal life.

The truly international nature of cyber security was duly recognised at
WSIS Tunis, the final documents of which made a call for global action. This
encouraged looking more closely at cyber security challenges at the national
level and searching for new, more effective measures to combat cyber security
threats. In the meeting, the Lithuanian experience in developing a cyber
security strategic approach will be presented, including the reasons behind
the need for a strategy, the integral system of strategic guidelines and
the evolving changes.

Abstract for presentation by
Ms. Audrey PLONK, Information Security and Privacy, Organisation of
Economic Cooperation and Development (OECD)

Title of Presentation: "Policies to Protect the Critical Information
Infrastructure in Several OECD Member Countries".

This presentation will provide an overview of ongoing work by the OECD Working
Party on Information Security and Privacy (WPISP) on similarities and differences
in policies for protecting the critical information infrastructure (CII)
across several OECD countries. With a view to identifying good practices,
the OECD WPISP studies focus on the definition of the CII, risk management
strategies, frameworks and policies regarding the CII, as well as challenges
to information sharing and cross-border cooperation for addressing the risk
to the CII. In 2006, the WPISP conducted a first study examining policies
in four volunteer OECD countries. The final report from that study is available
on the OECD Information Security and Privacy website. A second study is being
conducted in 2007 that examines the policies of three additional OECD countries.

Title of Presentation: "OECD - APEC Joint Work
on Malicious Software".

Rapid advances in technology and increased dependence on the Internet have
made information systems and networks, including those that support national
critical infrastructures, vulnerable to failure, outage, and attacks by
malicious actors. To complement ongoing efforts to improve the security
of information systems and networks, and better tackle the international
dimension of information security risks, the OECD and APEC have partnered
to examine the issues of malicious code and malicious software, commonly
known as "malware". The OECD and APEC are developing an analytical report
on malware focusing on how it is used to compromise information systems
and networks with the goal of:

- Informing policymakers on the impacts of malware;

- Cataloguing data trends in malware growth and evolution;

- Examining the economics of malware and the business models behind
malicious activity involving malware;

- Outlining recommendations to secure information systems from
the threat of malware.

In addition to the analytical report, APEC and OECD held a Malware Workshop
on April 22 - 23, 2007 at the APEC TEL 35 meeting in Manila, Philippines. The
workshop brought together representatives from the various communities addressing
malware in order to inform policymakers of the issues, gain a better collective
understanding of the issues, and inform the analytical report. The issues
of malware demand close international cooperation and coordination among
the various stakeholders in the security community.

Abstract for presentation by
Mr. Nabil SAHLI, CEO of the National Agency for Computer Security and
Head of the Public Tunisian CERT (CERT-TCC)

Title of Presentation: "Insights into the Tunisian Experience and
Strategy in the Establishment of National Watch, Warning and Incident Response
Capabilities".

As a case example for developing countries, we will present the Tunisian
experience in establishing the first public CERT in Africa (CERT-TCC), to
outline the tasks that are important for CERTs in developing countries.
We will give an overview of:

- The awareness and information
actions carried out by the CERT-TCC and the specific actions carried out due to
our position as a public CERT (awareness of parents, youth and common ICT users).

- The launch of an incident handling team and the accompanying
lawful measures, besides the establishment of a Watch and Alert Center and
reaction plan.

- Professional Training and Education actions, based on the launch
of training sessions for trainers and on the launch of Masters in IT security.

- Research and Development strategy and actions, based on the open-source
approach, for the rapid and efficient emergence of national R&D activities.

- The collaboration with associations (NGO).

We will close by presenting an overview of some of the urgent needs
of less developed countries and present some key points to consider when
building CERTs in less developed countries.

Title of Presentation: "Global Harmonization of Cybercrime Legislation".

The global harmonization of national cybercrime legislation has been an
evolution over a period of 30 years. From a Bill, through recommendations
to the adoption of a convention, we have reached a time for bringing information
on the basic standards and principles of what has been achieved to global
society.

Based on the convention and recommendations from global organizations,
it is today necessary to envisage the elaboration of a global legal framework
on cybercrime. This presentation will consider different future models for
global harmonization of cybercrime legislation.

Abstract for presentation by
Mr. Alexander SEGER, Head of Technical Cooperation, Department of Crime
Problems, Council of Europe, Strasbourg, France

Title of Presentation: "Developing National Legislation on Cybercrime:
The Convention on Cybercrime as a Guideline".

In order to establish a legislative framework to meet the challenges of
cybercrime, countries need to:

- Criminalise certain conduct in their substantive criminal law.
As a minimum this should include illegal access to a computer system, illegal
interception, data interference, system interference, the misuse of devices,
computer-related forgery and fraud, child pornography, xenophobia and racism,
infringement of copyright and related rights.

- Give law enforcement/criminal justice the means to investigate,
prosecute and adjudicate cybercrimes in their criminal procedure law. As
a minimum this should provide for expedited preservation of computer and
traffic data, production order, search and seizure of stored computer data,
real-time collection of traffic data, interception of content data and procedural
safeguards.

- Allow for efficient international cooperation by harmonising
legislation, making provisions and establishing institutions for police
and judicial cooperation, and concluding or joining agreements.

The Convention on Cybercrime of the Council of Europe serves any country
as a clear guideline for the development of national legislation along these
lines. In addition, it provides a framework for effective international
cooperation among the increasing number of parties to this treaty.

The task of Critical Information Infrastructure Protection (CIIP) is acknowledged
as an indispensable component of national security policy all over the world.
Some countries have built up sophisticated CIIP organizations, involving
agencies from different ministries, and building on a variety of initiatives
and programs. However, since these solutions are fairly resource-intensive,
they are not suitable for a majority of the countries of the world. Thus,
in order to help countries to determine their individual solution, the presented
generic model offers building blocks for a working, government-led CIIP
unit.

By concentrating on the most essential tasks, cooperation between various
stakeholders, flexibility and adaptability, one may develop a relatively
inexpensive solution that can be further tailored, if necessary, to country-specific
needs.

Title of Presentation: "Information Sharing and Incident Response
– A European Perspective".

Mr. Thorbruegge's presentation will give a summarised picture of what is
going on in the field of Information Sharing and Incident Response. The
presentation will briefly introduce the European Network and Information
Security Agency (ENISA) and its work in various fields of NIS, with a special
emphasis on the work in the field of CERT/CSIRT cooperation and support,
as CSIRTs (Computer Security and Incident Response Teams) play a leading
role in both fields and are a key factor for a comprehensive and successful
security strategy on various levels.

Finally, the presentation will give the audience some information about
a feasibility study for a “European Information Sharing and Alerting System”
(EISAS) that ENISA is currently carrying out, based on a request from
the European Commission.

Ms. Jody Westby's presentation focuses on how governance is the critical
foundation for an organization to manage incident response and provide critical
information to national or regional coordination centers.